W3builders
AOP API

AOP API/Authentication

Get Access Token

POST/auth/token
no authPrimary write endpoint

Exchange a client_id + client_secret for an access token. This is the entry point for every external integration.

Endpoint

POSThttps://api.w3builders.com/v1/auth/token

Request body

  • client_id (required)
  • client_secret (required)
  • Generate client_id/client_secret from the AOP dashboard: Settings → API Access. The secret is shown once at creation time — store it securely.
  • access_token is a 30-minute JWT, scoped to your tenant. Use the Authorization: Bearer <access_token> header on every other request on this page.
  • refresh_token is valid for 30 days and single-use — each refresh call rotates it. Store the latest one.

Response parameters

FieldType
access_tokenvalue
token_typevalue
expires_invalue
refresh_tokenvalue
Get Access Token
curl -X POST https://api.w3builders.com/v1/auth/token \
-H "Content-Type: application/json" \
-d '{
"client_id": "ck_5f2a...",
"client_secret": "cs_9d41..."
}'
{
"access_token": "eyJhbGciOi...",
"token_type": "Bearer",
"expires_in": 1800,
"refresh_token": "5c2f9e..."
}
Was this page helpful?